Development Process Assurance

Role of Development Process Assurance

Development Process Assurance in the CC

Configuration Management (ACM)

Configuration Management Automation

Partial CM Automation

Complete CM Automation

Configuration Management Capabilities

Version Numbers

Configuration Items

Authorization Controls

Generation Support and Acceptance

Advanced Support

Configuration Management Scope

TOE CM Coverage

Problem Tracking CM Coverage

Development Tools CM Coverage

Life Cycle Support (ALC)

Development Security

Identification of Security Measures

Sufficiency of Security Measures

Flaw Remediation

Basic Flaw Remediation

Flaw Reporting Procedures

Systematic Flaw Remediation

Life Cycle Definition

Developer Defined Life-cycle Model

Standardized Life-cycle Model

Measurable Life-cycle Model

Tools and Techniques

Well-Defined Development Tools

Compliance With Implementation Standards

Compliance With Implementation Standards – All Parts

Maintenance of Assurance (AMA)

Assurance Maintenance Plan

Assurance Maintenance Plan

Assurance Maintenance Plan (cont)

TOE Component Categorization Report

TOE Component Categorization Report

Evidence of Assurance Maintenance

Evidence of Maintenance Process

Security Impact Analysis

Sampling of Security Impact Analysis

Sampling of Security Impact Analysis

Examination of Security Impact Analysis